PrepAway - Latest Free Exam Questions & Answers

which of the below mentioned statements is true?

A user has enabled versioning on an S3 bucket. The user is using server side encryption for data at Rest. If the
user is supplying his own keys for encryption (SSE-C., which of the below mentioned statements is true?

PrepAway - Latest Free Exam Questions & Answers

A.
The user should use the same encryption key for all versions of the same object

B.
It is possible to have different encryption keys for different versions of the same object

C.
AWS S3 does not allow the user to upload his own keys for server side encryption

D.
The SSE-C does not work when versioning is enabled

Explanation:
AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side encryption
can either have the S3 supplied AES-256 encryption key or the user can send the key along with each API call
to supply his own encryption key (SSE-C). If the bucket is versioning-enabled, each object version uploaded by
the user using the SSE-C feature can have its own encryption key. The user is responsible for tracking which
encryption key was used for which object’s version


Leave a Reply

Your email address will not be published. Required fields are marked *